Asp.net Azure AD B2C-多个子域
我可以将Azure Active Directory B2C设置为与多个子域一起工作吗? 以下是我迄今为止所做的工作:Asp.net Azure AD B2C-多个子域,asp.net,azure,azure-active-directory,openid-connect,azure-ad-b2c,Asp.net,Azure,Azure Active Directory,Openid Connect,Azure Ad B2c,我可以将Azure Active Directory B2C设置为与多个子域一起工作吗? 以下是我迄今为止所做的工作: 设置一个B2C目录 创建了一个web应用程序:mytest.com-此应用程序中的身份验证和授权工作正常 我创建了另一个应用程序:subdomain.mytest.com-它使用相同的Azure B2C Active directory 现在,我想要的是:当我登录到“mytest.com”时,也要登录到“subdomain.mytest.com” 这可能吗 我的应用程序是使用O
谢谢,只要两个应用程序共享同一租户。默认情况下,单一登录在租户级别启用,并应用于租户中定义的所有应用程序对象。使其工作的行: app.UseCookieAuthentication(新的CookieAuthenticationOptions(){CookieDomain=“.mytest.com”}) 当我读到这篇文章时,我明白了这一点:(第3节)
我在
*.com
vswww.*.com
上遇到了同样的问题。
public void ConfigureAuth(IAppBuilder app)
{
app.SetDefaultSignInAsAuthenticationType(CookieAuthenticationDefaults.AuthenticationType);
app.UseCookieAuthentication(new CookieAuthenticationOptions() { CookieDomain = ".mytest.com"});
var options = new OpenIdConnectAuthenticationOptions
{
ClientId = clientIdb2c,
RedirectUri = redirectUri,
PostLogoutRedirectUri = redirectUri,
Notifications = new OpenIdConnectAuthenticationNotifications()
{
MessageReceived = (context) =>
{
//AADB2C90091: The user has cancelled entering self-asserted information.
if (!string.IsNullOrEmpty(context.ProtocolMessage.ErrorDescription) && !context.ProtocolMessage.ErrorDescription.StartsWith("AADB2C90091:", StringComparison.OrdinalIgnoreCase))
{
if (context.ProtocolMessage.ErrorDescription.StartsWith("AADB2C99002", StringComparison.OrdinalIgnoreCase))
{
throw new SecurityTokenValidationException("User does not exist. Please sign up before you can sign in.");
}
}
return Task.FromResult(0);
},
RedirectToIdentityProvider = OnRedirectToIdentityProvider,
AuthenticationFailed = AuthenticationFailed,
SecurityTokenValidated = (context) =>
{
//Create the logic to redirect here.
context.AuthenticationTicket.Properties.RedirectUri = "https://sub1.mytest.com";
return Task.FromResult(0);
}
},
Scope = "openid offline_access",
ResponseType = "id_token",
// The PolicyConfigurationManager takes care of getting the correct Azure AD authentication
// endpoints from the OpenID Connect metadata endpoint. It is included in the PolicyAuthHelpers folder.
ConfigurationManager = new PolicyConfigurationManager(
String.Format(CultureInfo.InvariantCulture, aadInstance, tenant, "/v2.0", OIDCMetadataSuffix),
new string[] { SignUpPolicyId, SignInPolicyId, ProfilePolicyId }),
};
app.UseOpenIdConnectAuthentication(options);
}